UPDATE OF www . thewonderroom . gr ON PRIVACY  

Take some time to read this and get informed about the way in which the company under the name ” G. Lambrakis & Co. EE.” Based in Neo Psychiko, Attica, Lykourgou and Olympionikon street no. 220 (hereinafter referred to as the ” Company ” or ” us “) acting as Processor, collects, stores, uses and generally processes your personal data when you visit, register or use the Company’s website (hereinafter referred to as the ” Website “).

This Update also describes how you use, share and protect your personal data, the options you have regarding your personal data, and how you can contact us. For any questions regarding this Privacy Policy, as well as any issues related to the processing of your data and the exercise of your rights, you can contact the Data Protection Officer (DPO) of the Company at the Lykourgou and Olympionikon 220, Neo Psychiko Attica or at the e-mail address [email protected] 1. A few words about the Website   

 

The www.thewonderroom.gr is the Company’s website, where the online store’s exposure and sales of the Company’s products occur and by which it is possible to locate information and updates about the Company and its activities.  

  1. What is personal data

The term “personal data” refers to information of individuals, such as name, postal address, e-mail address, contact, telephone number, etc., which identify or can identify you, hereinafter referred to as ” Personal Data ” or ” Data “.

  1. What is Personal Data Processing

Any operation or series of operations performed with or without the use of automated means, on personal data or on personal data sets, such as collection, registration, organization, structure, storage, adaptation or modification, retrieval, the search for information, the use, the disclosure by transmission, the dissemination or any other form of disposal, the association or combination, the restriction, the deletion or the destruction.

  1. Is it mandatory to provide your Data?

The provision of the Data to the Company may be necessary to achieve the purposes set out in this Personal Data Update or be optional.

The mandatory or optional nature of the Data assignment is indicated by an asterisk (*) next to the personal data of a mandatory nature.

If you refuse to provide the information that is marked as mandatory on the Website, it will be impossible to achieve the main purpose of collecting this Data, and may, for example, make it impossible for the Company to fulfill the sales contract or provide other services which are available on the Website.

The provision of additional Data to the Company, in addition to those that are marked as mandatory, is optional and does not have consequences for the main purposes of data collection, but their provision serves to optimize the quality of services provided.

  1. What Data do we collect?

We are really cautious in collecting only your absolutely necessary Data, which are appropriate and clear for the intended purpose. This Data includes the following:

  • Data when creating a user account on the Website

– Required: email address *, password (login password) *

Optional: name, surname, sheet, date of birth, postal address, telephone number.

  • Details of your transactions with us, either through our physical store or through our online store

– For example, we collect notes from our conversations with you, details of any complaints or comments you make, details of purchases you made, products added to or removed from your cart, list of products you wish to purchase (wish list), coupon redemptions, websites you visit and how and when you contact us.

  • Shopping interests and preferences, which help us to suggest you specific products and services that interest you

– For example, which products do you prefer to receive a personalized offer from us 

We will request and use only the Data we have collected to suggest products or services of interest to you and to further improve your shopping experience with us. Of course, it is always your choice if you share such information with us.

  • Traffic information of our website or other websites that you have browsed before us
  • Information collected from the use of cookies in your browser. Learn more about how to use cookies here   
  • Copies of the documents you provide to prove your age or identity when required by law (such as a copy of a police or student ID).

– For example these copies may include details of your full name, address, date of birth and picture of your face (photo). If you provide a passport, the details will also include your place of birth, gender and nationality.

  • Payment information.
  • Your reviews and product reviews.
  • To provide the best possible website experience, we collect technical information about your internet connection and browser, as well as the country and phone code where your computer is located, the web page preferences and the ads that click and enter any search terms. Learn more about it  

Minors under sixteen (16) years old 

We comply with the law and do not allow minors who are under sixteen (16) years old to register on the Website. We will seek the consent of the parental guardian for these minors who participate in the experiences and events of the Company. 

  1. How we use your Data

We want to offer you the best possible shopping experience. To achieve this, it is necessary to obtain a complete picture of you, combining the Data we have collected. We then use your Data to offer you offers for products and services that you may be interested in.

Legislation for the protection of personal data allows us to do the above in the context of our legitimate interest and the need to understand our customers in order to provide them with a high level of service.

Of course, if you ever want to change the way we use your Data, you will find details in sections 14 & 15 “What are your rights” and “How you can exercise your rights” below.

Remember, if you choose not to share the Data with us or to refuse certain communication rights, we may not be able to provide some of the services you have requested. For example, if you asked us to let you know when a product is available again, we may not be able to help you if you have withdrawn your general consent to receive updates from us.

Finally, we inform you that the processing of your Data is carried out either by the specially authorized personnel of the Company, or through computer systems and electronic devices by the Company and exceptionally by third parties, who, having contractually committed to the confidentiality and protection of your Data performs tasks that are necessary to achieve the goals strictly associated with the use of our Website, its services and the sale of products through our Website. Information on this can be found below in section 9 “Who are the recipients of your Data? How your Data is communicated “.

Below you will find details about how we use your data and why:  

To provide information about our Website and the services you request

  • Product Orders: The Company processes your Data in order to fulfill its contractual relationship, to process product ordering, to provide customer service, to comply with legal obligations, to oppose, raise or enforce legal requirements. If we do not collect your Data upon completion of the order either from our physical store or from our online store, we will not be able to process your order and comply with our legal obligations. Your Data may need to be transferred to third parties for the supply or delivery of the product you have ordered. In addition, we may retain your Data for a reasonable period of time in order to meet our contractual obligations, such as product returns, as required by law.
  • Creating a User Account: The Company processes your Data in order to provide you with the account functions and to facilitate the conclusion of the purchase of products.
  • Contact: The Company uses your Data to respond to your requests / inquiries, refund requests and / or complaints. The information you share with us, enables us to manage your requests and respond to you in the best possible way. We may also maintain a record of your inquiries / requests to us in order to better respond to any future communication. We do this based on our contractual obligations to you, our legal obligations and our legitimate interests in order to provide you with the best possible service and to be able to improve our services based on your personal experience. 
  • Sometimes, we will need to share your Data with a third party that provides a service (such as courier delivery). Without sharing your personal information, we would not be able to satisfy your request. Here is more information about how we share personal data with third parties.
  • Finding a Job: The Company processes your Data for the evaluation of your qualifications and competencies for the position for which you applied or for another position within the Company as well as for reasons of communication with you in relation to this purpose. 

To share information about our products, services and events, as well as for other promotional purposes

  • Sending newsletter / offers: With your consent, we will use your personal data, preferences and transaction details to inform you via email, phone and / or social media about related products and services, including personalized / personalized offers, discounts, etc. Of course you have the option to revoke this consent at any time. 
  • Web push notifications: Depending on your navigation, you can receive, having previously given your consent, notifications about our offers, news, your wish list and your shopping cart. Of course you can revoke this consent at any time. 
  • Participation in Competitions: The Company processes your Data, in case you agree to participate in competitions it conducts, to notify you if you are the winner of the competition and to deliver your gift.

For the operation, improvement and maintenance of our business, products and services

  • Development and improvement of systems and services for the products we provide. We do this based on our legitimate business interests.
  • We want to offer you offers and suggestions that are more relevant to your interests. To help us form a better and more general understanding of you as a customer, we combine your personal data gathered throughout our relationship, for example your shopping history in both our physical store and our online store. To this end, we also combine the Data we collect directly from you with Data we receive from third parties to whom you have given your consent to transfer this data to us. For example, combining this data will help us tailor your experience and decide what inspiration or content to share with you. We also use anonymous data from customer history to track trends in different parts of the country. This can then guide what products we display in specific stores.
  • To show you the most interesting content on our Website, we will use the Data we maintain for your favorite products. This is based on your consent to receive notifications about our Website, your consent to place cookies on your device. For example, we may display a list of recently viewed products or offer recommendations based on your shopping history and any other data you have shared with us.
  • To send you research and evaluation requests so we can improve our services. These messages will not contain promotional content and do not require prior consent when sent by email or text message (SMS). We have a legitimate interest in doing so, as this helps our products or services to be more relevant to you. Of course, you are free to refuse to receive these requests from us at any time by updating your preferences to your online account.

For the protection of rights, assets or security, ours or those of others

  • Protect your account from fraud and other illegal activities: This includes using your Data to maintain, update and protect your account. We also monitor browsing activity with us to quickly identify and resolve any issues and protect the integrity of our website. All of the above are part of our legitimate interest. For example, we check your password when you log in and use automated IP address tracking to detect possible false inputs from unexpected locations.
  • Processing payments and preventing fraudulent transactions: We do this based on our legitimate business interests. This also helps protect our customers from fraud.

For our compliance with our obligations arising from the law

  • In order to comply with our contractual or legal obligations to exchange data with law enforcement. For example, following a court decision to exchange data with judicial services.
  • To send you communications required by law or necessary to inform you of changes in the services we provide . For example, updates on these privacy notices, product recall notices, and legally required information about your orders. These service messages will not contain promotional content and do not require prior consent when sent by email or text message (SMS). If we do not use your personal data for these purposes, we will not be able to comply with our legal obligations.
  1. For what purpose do we process your Data?

We collect your Data for the purposes of the provided products and / or services of our Company and especially for:

  1. a) the management of the sale of our products, e.g. your communication and information about the availability of products and the progress of your order, the execution of your order, the shipment of products, the management of your debts to us, the realization of returns and the provision of guarantees.
  2. b) compliance with the obligations imposed by the current legislation e.g. tax legislation, e-commerce directive,
  3. c) controlling, improving and adapting to your preferences and choices regarding our products and / or services;
  4. d) the sending, by electronic or traditional means, of administrative, technological, organizational and / or commercial information for products and / or services of the Company.
  5. e) our customer satisfaction research, the promotion of our products and / or services, the sending of newsletters for our products and / or services.
  6. f) the evaluation of applications and CVs for the purpose of recruitment in our Company.
  7. What is the legal basis for the processing of your Data by the Company?
  • Data protection legislation sets out a number of reasons why a company may collect and process your personal data, including: the terms of our contractual relationship
  • your consent, where required. For example, when you choose to receive a newsletter. When collecting your personal data, we will always inform you what data is necessary in relation to a particular service.
  • the Company’s obligations arising from the law (e.g. tax legislation, e-commerce legislation, etc.)
  • the legal interest of our Company. In certain cases, we collect your Data in a way that is reasonably expected as part of the operation of our business and that does not substantially affect your rights, freedoms or interests. For example: 

– We will use your shopping history to send you or make personalized offers.

– We also combine the customer history of multiple customers to identify trends and ensure that we can keep up with market demand or develop new products / services.

  1. Who are the recipients of your Data – How is your Data communicated?

Access to your Data is the absolutely necessary staff of the Company, which is committed to maintaining confidentiality and our partner companies or third party service providers, who process your Data as Processors on our behalf and in accordance with our orders.

Data Disclosure by the Company

The Company shares your Data with:

  • Stores and / or commercial companies that cooperate with the Company for the sale of their products / services through our Website.
  • Third party service providers that process personal data on behalf of the Company, for example (indicatively mentioned) for credit card processing and payments, transfers and deliveries, hosting, management and maintenance of our data, email distribution, research and analysis, management of its promotional activities Company and products, Google, Facebook, and management of certain services and components. When we use third party service providers we enter into agreements that oblige them to implement appropriate technical and organizational measures to protect your personal data.
  • Other third parties, to the extent required for the following purposes: (i) compliance with a government request, court decision or applicable law, (ii) preventing illegal uses of our Website or breaches of our Website Terms of Use and policies, ( iii) our protection against third party claims, and (iv) helping to prevent or investigate fraud (eg counterfeiting)
  • To other third parties when you yourself have given your consent

Notification from you

  • When you use certain social media items on our Website, you may create a public profile that includes information such as username, profile picture and city. You can also share content with your friends or the general public, including information about your interaction with the Company. We encourage you to use the tools we provide to manage the Company’s social media sharing in order to control the information you make available through the Company’s social media data.

The following is the policy we apply to those with whom we share your Data in accordance with the above:

  • We provide only the information needed to perform their specific services.
  • They may use your Data only for the exact purposes set forth in our contract with them.
  • We work closely with them to ensure that your privacy is respected and protected at all times.
  • If we stop using their services, any of the data they hold will be deleted or made anonymous.

To improve your customer experience on our Website, we use service providers (such as marketing, website hosting, delivery and distribution etc.), which will process your Personal Data as part of their contracts with us

For more information regarding the disclosure of your Data to third parties, please contact the Data Protection Officer of our Company. [email protected] )  

  1. How do we ensure that Editors respect your Data?

The Executors on our behalf have agreed and committed contractually with the Company:

  • to maintain confidentiality,
  • not to send your Data to third parties without the permission of the Company,
  • take appropriate security measures,
  • comply with the legal framework for the protection of personal data and in particular Regulation 979/2016 / EU (otherwise GDPR).
  1. International Data Transfer

The personal data that we collect (or process) within the framework of our Website will be stored in Greece. However, some of the recipients of the Data with whom the Company shares your Personal Data may be located in countries other than the one where your Personal Data was originally collected. Legislation in those countries may not provide the same level of data protection as the country that originally provided your Personal Data. However, when we transfer your Personal Data to recipients in other countries, including the US, we are committed to protecting your Personal Data as described in this Privacy Policy and in accordance with applicable law.

We take steps to comply with applicable legal requirements for the transfer of personal data to recipients in countries outside the European Economic Area or Switzerland that do not provide an adequate level of protection. We use various measures to ensure that your Personal Data transferred to these countries enjoys adequate protection in accordance with data protection rules. These include signing the Contract Clauses, certifying that the recipient has adopted European binding rules or complying with the EU-US and Switzerland-US Privacy Shield.

  1. How long do we keep your Data?

We retain your Personal Data for as long as necessary to fulfill the purposes set forth in this Personal Data Update (unless a longer retention period is required by applicable law). Generally, this means that we will keep your personal data for as long as you have an account with our Company. Regarding your Personal Data related to product purchases, we retain this data for a longer period in order to comply with our legal obligations (such as tax and commercial law and for warranty purposes). At the end of this retention period, the data will be completely deleted or anonymized, for example by aggregation with other data, so that they can be used in an unrecognizable way for statistical analysis and business planning.

Some examples of customer data retention periods:

  • Orders

When you place an order, we will retain the personal information you provided to us for five years so that we can comply with our legal and contractual obligations. In the case of some products, such as electrical items, we will keep the data for 10 years.

  • Guarantees

If your order included a warranty, the relevant personal data will be retained until the end of the warranty period.

  • Newsletter

Your statement of consent for sending a newsletter (newsletter) is kept for as long as a newsletter is sent to you by the Company and in any case not more than six months from the cessation of sending it.

  1. Is your Data secure?

We are committed to safeguarding your Personal Data.

Recognizing the importance of the security of your Personal Data, we have taken all appropriate organizational and technical measures to secure and protect your Data from any form of accidental or improper processing. We use the most modern and advanced methods to ensure maximum safety.

The Website uses the TLS protocol, for secure online commercial transactions. This encrypts all the Data you provide, including your credit card number, name and address, so that it cannot be decrypted or changed while being transferred over the Internet.

Additionally, the information used to identify you as an account user is twofold: Username and Password. Each time you enter your details, you are given access to your personal account. This process is achieved securely through encryption during their transfer to the Internet and the servers of the Company. By the same token, you are allowed to change your Password as often as you wish. After the registration of the desired password, the new password is coded and stored in the Company’s systems. For this reason, you are the only one who knows your password and you are solely responsible for maintaining its confidentiality from third parties.   

These measures shall be reviewed and amended as necessary.

  1. What are your rights?

You have the right to access your personal data.  

This means that you have the right to be informed by us if we process your Data. If we process your Data you can ask to be informed about the purpose of processing, the type of your Data we hold, to whom we give it, how long we store it, if automated decisions are made, but also about your other rights, such as correction, deletion of data, restriction of processing and submission of a complaint to the Personal Data Protection Authority.

You have the right to correct inaccurate personal data.  

If you find that there is an error in your Data you can request us to correct it (e.g. name correction or change of address notification).

You have the right to delete / forget. 

You can ask us to delete your data if it is no longer necessary for the above mentioned processing purposes or you wish to revoke your consent in case this is the only legal basis.

You have the right to portability of your Data.  

You can ask us to receive in readable form the Data you have provided or ask us to pass it on to another editor.

You have the right to restrict processing. 

You can ask us to restrict the processing of your Data for as long as your processing objections are pending.

You have the right to object and withdraw your consent to the processing of your Data.

You may object to the processing of your Data and we will stop processing your Data unless there are other compelling and legitimate reasons that override your right. If you have given your consent to the collection, processing and use of your personal data, you may revoke your consent at any time with future effect.

 

Choosing not to receive Marketing Communications.  

You can choose not to receive marketing communications of the Company by modifying your options in the user account (my profile) of our Website. You can also choose not to receive marketing communications by changing the email and sms records by clicking the delete link or following the instructions included in the message. Alternatively, you can contact us using the contact details in the “Questions and Comments” section below.

In case we rely on our legitimate interest. 

In cases where we process your personal data based on our legitimate interest, you can ask us to stop for reasons related to your personal situation. We must then do so if we do not believe we have a legitimate reason to continue to process your Personal Data.

  1. How can you exercise your rights?

To exercise your rights you can submit a request to the Data Protection Officer (Data Protection Officer) at the postal address of the Company (G. Lambrakis & Co. EE Lykourgou and Olympionikon no. 220, Neo Psychiko Attikis) or at the e-mail address of [email protected] entitled “Exercise of Right” and we will make sure to examine it and answer you as soon as possible.   

Exceptionally:

  • If you wish to correct your Data in your user account, you can log in to it and make any correction / change without the need to submit a Request.
  • If you wish to withdraw your consent to send a newsletter (newsletter) you can do so by selecting the link “To delete from the” newsletter mailing list “click here” located at the bottom of each newsletter.
  • If you wish not to receive web push notifications from the Company, you can disable the option from your browser setting.

Identity check

To protect the confidentiality of your information, we will ask you to verify your identity before making any request under this Privacy Policy. If you have authorized a third party to submit a request on your behalf, we will ask them to prove that they have your permission to act for this purpose.

  1. When do we respond to your requests?

We respond to your requests free of charge without delay, and in any case within (1) one month from the time we receive your request. However, if your Request is complicated or there is a large number of your Requests we will inform you within the month if we need to receive an extension of another (2) two months within which we will respond to you.

If your Requests are manifestly unfounded or excessive, in particular due to their recurring nature, the Company may impose a reasonable fee, taking into account the administrative costs of providing the information or performing the requested action or refusing to follow up on the Request.

 

  1. What is the applicable law when processing your Data by us?

Applicable Law is the Greek Law, as formulated according to the General Regulation for the Protection of Personal Data 2016/679 / EU, and in general the current national and European legislative and regulatory framework for the protection of personal data.

The competent courts for any emerging disputes related to your Data are the Courts of Athens.

  1. Where can you go if we violate the applicable law for the protection of your Personal Data?

You have the right to submit a complaint to the Personal Data Protection Authority (postal address 1-3 Kifissias, PC 115 23, Athens, tel. 210. 6475600, e-mail address [email protected]), if you consider that the processing of your Personal Data violates the applicable national and regulatory framework law for the protection of personal data.

  1. How will you be notified of any changes to this Policy?

We update this Privacy Policy whenever necessary. If there are significant changes to our Privacy Policy or the way we use your Personal Data, we will post this update on our Website before the changes take effect and notify you in any appropriate manner.

We encourage you to read this Policy at regular intervals to know how your Data is protected. This privacy policy was last modified on 09/21/2020. 

  1. Questions and Comments?

We hope this Privacy Policy has helped you understand how we handle your Personal Data and your rights to control the handling of our Company. 

If you have any questions that are not covered, or any comments or concerns you may have about our Privacy Policy please contact our Data Protection Officer who will be happy to assist you:

  • Email to the email address: [email protected] 
  • Letter to the Data Protection Officer at the address Lykourgou and Olympiakon no. 220, Neo Psychiko, Attica.